const { ethers } = require('hardhat');
const { expect } = require('chai');
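/**
 * Mocha harness for the "Backdoor" challenge.
 *
 * `before` deploys a GnosisSafe master copy, a GnosisSafeProxyFactory, the
 * DamnValuableToken and a WalletRegistry wired to all three, then funds the
 * registry with AMOUNT_TOKENS_DISTRIBUTED. `after` asserts the end state the
 * challenge expects.
 *
 * The hooks use `function` (not arrows) because they share state through the
 * Mocha context object (`this.masterCopy`, `this.walletRegistry`, ...).
 */
describe('[Challenge] Backdoor', function () {
    // Every signer name is declared here. The original assigned alice, bob,
    // charlie and david through destructuring without declaring them, which
    // creates implicit globals in sloppy mode and throws a ReferenceError as
    // soon as the file is run in strict mode.
    let deployer, alice, bob, charlie, david, attacker;
    let users;

    // parseEther('40') is 40 * 10^18 base units.
    const AMOUNT_TOKENS_DISTRIBUTED = ethers.utils.parseEther('40');

    before(async function () {
        /** SETUP SCENARIO - NO NEED TO CHANGE ANYTHING HERE */
        [deployer, alice, bob, charlie, david, attacker] = await ethers.getSigners();

        // Only these four addresses are handed to the registry; the attacker
        // account is deliberately not among them.
        users = [alice.address, bob.address, charlie.address, david.address];

        // Deploy Gnosis Safe master copy and factory contracts
        this.masterCopy = await (await ethers.getContractFactory('GnosisSafe', deployer)).deploy();
        this.walletFactory = await (await ethers.getContractFactory('GnosisSafeProxyFactory', deployer)).deploy();
        this.token = await (await ethers.getContractFactory('DamnValuableToken', deployer)).deploy();

        // Deploy the registry
        this.walletRegistry = await (await ethers.getContractFactory('WalletRegistry', deployer)).deploy(
            this.masterCopy.address,
            this.walletFactory.address,
            this.token.address,
            users
        );

        // Sanity check: the constructor must have flagged every user as a beneficiary
        for (const user of users) {
            expect(
                await this.walletRegistry.beneficiaries(user)
            ).to.be.true;
        }

        // Transfer tokens to be distributed to the registry
        await this.token.transfer(this.walletRegistry.address, AMOUNT_TOKENS_DISTRIBUTED);
    });

    it('Exploit', async function () {
        /** CODE YOUR EXPLOIT HERE */
    });

    after(async function () {
        /** SUCCESS CONDITIONS */
        // Taken together these assertions describe the loss the registry is
        // meant to prevent: every beneficiary has a wallet on record and has
        // been consumed, yet the full distribution sits with an account that
        // was never a beneficiary. Inverted, they are the regression checks to
        // keep when hardening WalletRegistry.
        for (const user of users) {
            const wallet = await this.walletRegistry.wallets(user);

            // User must have registered a wallet
            expect(wallet).to.not.eq(ethers.constants.AddressZero, "User did not register a wallet");

            // User is no longer registered as a beneficiary
            expect(
                await this.walletRegistry.beneficiaries(user)
            ).to.be.false;
        }

        // Attacker must have taken all tokens
        expect(
            await this.token.balanceOf(attacker.address)
        ).to.eq(AMOUNT_TOKENS_DISTRIBUTED);
    });
});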